Yahoo/bellsouth.net reports my sender as a possible fraud/spoof following an on-premises Exchange to Office 365 Exchange Cutover Migration

Recently completed an on-premises Exchange to Office 365 hosted Exchange cutover migration. Everything went as advertised and the company is using hosted Exchange without issues. The on-premises Exchange server has been shut down since the migration. The one issue I'm having: When someone sends an email from the company domain to one of the employees' PERSONAL bellsouth.net account, the bellsouth.net account holder gets the email, but then gets another email saying (see graphic): This sender failed our fraud detection checks and may not be who they appear to be. I reviewed the DNS records for the company domain and found a legacy SRV mail protection record and a mail A record related to the on-premises Exchange server, which I have since deleted. But even after a day or so allowing for propagation, the problem persists. Thoughts?
yahoo-emailerr.JPG
LVL 1
tcianfloneAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Schnell SolutionsConnect With a Mentor Systems Infrastructure EngineerCommented:
Hello,

You are going on the good track. Because the problem is really related to anti spam checks and revisions, I believe that it is what you just reconfigured correctly: The ID Filtering / SPF that are validated with the TXT record in your DNS zone.

Additionally, like you stated, it usually takes from 0 to 3 days. However, some anti spam solutions store information locally for some additional time.

Try to check if there is a process (usually it is done online), where you can contact the destination domain messaging administrators, and complete any additional action to take you out from possible block lists in 'their systems'.
0
 
tcianfloneAuthor Commented:
So, it's been a week now and this is still happening. The DNS zone looks fine to me, like every other Office 365 hosted Exchange service I have ever set up. And bellsouth.net is the ONLY email service complaining about it. Can anyone provide a link to where I can report this to AT&T email admins? That company is so huge, I can't imagine actually finding the right place to report something like this.
0
 
Schnell SolutionsSystems Infrastructure EngineerCommented:
You can start here...

http://rbl.att.net/block_inquiry.html

There are many links for many tasks, i.e. Tools for administrators or mail systems whose messages has been blocked.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.